Isaca AAISM - Advanced in AI Security Management Exam
Page: 2 / 18
Total 90 questions
Question #6 (Topic: Exam A)
An organization's CIO provided the AI steering committee with a list of AI technologies in use and tasked them with categorizing the technologies by risk. Which of the following should the committee do FIRST?
A. Begin grouping similar AI products and solutions together.
B. Ensure the AI technologies are included in the asset inventory.
C. Assess risk levels based on risk appetite and regulatory requirements.
D. Identify vulnerabilities related to the technologies in use.
Answer: B
Question #7 (Topic: Exam A)
A large pharmaceutical company using a new AI solution to develop treatment regimens is concerned about potential hallucinations with the introduction of real-world data. Which of the following is MOST likely to reduce this risk?
A. Penetration testing
B. Data asset validation
C. Human-in-the-loop
D. AI impact analysis
Answer: C
Question #8 (Topic: Exam A)
Which of the following should be the PRIMARY consideration for an organization concerned about liabilities associated with unforeseen behavior from agentic AI systems?
A. Model dependencies
B. Approved base models
C. Acceptable risk level
D. Accountability model
Answer: D
Question #9 (Topic: Exam A)
During the creation of a new large language model (LLM), an organization procured training data from multiple sources. Which of the following is MOST likely to address the CISO's security and privacy concerns?
A. Data minimization
B. Data augmentation
C. Data classification
D. Data discovery
Answer: A
Question #10 (Topic: Exam A)
An organization is reviewing an AI application to determine whether it is still needed. Engineers have been asked to analyze the number of incorrect predictions against the total number of predictions made. Which of the following is this an example of?
A. Model validation
B. Control self-assessment (CSA)
C. Explainable decision-making
D. Key performance indicator (KPI)
Answer: A
